From: Bruce Momjian
Date: Fri, 14 Jun 2002 04:35:02 +0000 (+0000)
Subject: Patch that checks ownership and permissions on server static
X-Git-Tag: REL9_0_0~17670
X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=b8b6691e5262ade0d863cada0d67d85fad668fd0;p=pg-rex%2Fsyncrep.git
Patch that checks ownership and permissions on server static private key. (You want it to be a regular file owned by the database process, with 0400 or 0600 permissions.) Bear Giles
---
diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
index 51b7e85c4c..4b2b3e8520 100644
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
 *
 *
 * IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.3 2002/06/14 04:33:53 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.4 2002/06/14 04:35:02 momjian Exp $
 *
 * Since the server static private key ($DataDir/server.key)
 * will normally be stored unencrypted so that the database
@@ -59,7 +59,7 @@
 * [ ] use 'random' file, read from '/dev/urandom?'
 * [*] emphermal DH keys, default values
 * [*] periodic renegotiation
- * [ ] private key permissions
+ * [*] private key permissions
 *
 * milestone 4: provide endpoint authentication (client)
 * [ ] server verifies client certificates
@@ -551,7 +551,20 @@ initialize_SSL (void)
 fnbuf, SSLerrmessage());
 ExitPostmaster(1);
 }
+
 snprintf(fnbuf, sizeof(fnbuf), "%s/server.key", DataDir);
+ if (lstat(fnbuf, &buf) == -1)
+ {
+ postmaster_error("failed to stat private key file (%s): %s",
+ fnbuf, strerror(errno));
+ ExitPostmaster(1);
+ }
+ if (!S_ISREG(buf.st_mode) || (buf.st_mode & 0077) ||
+ buf.st_uid != getuid())
+ {
+ postmaster_error("bad permissions on private key file (%s)", fnbuf);
+ ExitPostmaster(1);
+ }
 if (!SSL_CTX_use_PrivateKey_file(SSL_context, fnbuf, SSL_FILETYPE_PEM))
 {
 postmaster_error("failed to load private key file (%s): %s",
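Review bot: In the initialize_SSL hunk, the new `lstat(fnbuf, &buf)` check and the existing `SSL_CTX_use_PrivateKey_file(SSL_context, fnbuf, ...)` call each resolve the path on their own, so the file whose type, mode and owner were checked is not guaranteed to be the file that gets loaded if an entry in $DataDir can be renamed or replaced between the two calls. Opening the key once, calling `fstat()` on that descriptor and loading from the same stream with `PEM_read_PrivateKey()` and `SSL_CTX_use_PrivateKey()` binds the check to the object actually read; `O_NOFOLLOW` keeps the symlink rejection that `lstat` provided, and `fd`, `fp` and `pkey` are new locals that would need declaring. Separately, the owner test is better written as `buf.st_uid != geteuid()`, since file access is decided by the effective UID. initialize_SSL starts and ends outside the hunk, and the declaration of `buf` is not visible here.

```c
	snprintf(fnbuf, sizeof(fnbuf), "%s/server.key", DataDir);
	/* open once; the checks and the load all go through this descriptor */
	fd = open(fnbuf, O_RDONLY | O_NOFOLLOW);
	if (fd == -1 || fstat(fd, &buf) == -1)
	{
		postmaster_error("failed to open private key file (%s): %s",
						 fnbuf, strerror(errno));
		ExitPostmaster(1);
	}
	/* ... unchanged: S_ISREG / mode bits / owner test on buf ... */
	fp = fdopen(fd, "r");
	pkey = fp ? PEM_read_PrivateKey(fp, NULL, NULL, NULL) : NULL;
	if (pkey == NULL || !SSL_CTX_use_PrivateKey(SSL_context, pkey))
	{
		/* ... unchanged: "failed to load private key file" report ... */
```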